1 /* $FreeBSD: src/sys/netinet6/in6.c,v 1.7.2.9 2002/04/28 05:40:26 suz Exp $ */ 2 /* $DragonFly: src/sys/netinet6/in6.c,v 1.18 2006/01/31 19:05:42 dillon Exp $ */ 3 /* $KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $ */ 4 5 /* 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* 35 * Copyright (c) 1982, 1986, 1991, 1993 36 * The Regents of the University of California. All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 3. All advertising materials mentioning features or use of this software 47 * must display the following acknowledgement: 48 * This product includes software developed by the University of 49 * California, Berkeley and its contributors. 50 * 4. Neither the name of the University nor the names of its contributors 51 * may be used to endorse or promote products derived from this software 52 * without specific prior written permission. 53 * 54 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 55 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 57 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 58 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 59 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 60 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 61 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 62 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 63 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 64 * SUCH DAMAGE. 65 * 66 * @(#)in.c 8.2 (Berkeley) 11/15/93 67 */ 68 69 #include "opt_inet.h" 70 #include "opt_inet6.h" 71 72 #include <sys/param.h> 73 #include <sys/errno.h> 74 #include <sys/malloc.h> 75 #include <sys/socket.h> 76 #include <sys/socketvar.h> 77 #include <sys/sockio.h> 78 #include <sys/systm.h> 79 #include <sys/proc.h> 80 #include <sys/time.h> 81 #include <sys/kernel.h> 82 #include <sys/syslog.h> 83 #include <sys/thread2.h> 84 85 #include <net/if.h> 86 #include <net/if_types.h> 87 #include <net/route.h> 88 #include <net/if_dl.h> 89 90 #include <netinet/in.h> 91 #include <netinet/in_var.h> 92 #include <netinet/if_ether.h> 93 #include <netinet/in_systm.h> 94 #include <netinet/ip.h> 95 #include <netinet/in_pcb.h> 96 97 #include <netinet/ip6.h> 98 #include <netinet6/ip6_var.h> 99 #include <netinet6/nd6.h> 100 #include <netinet6/mld6_var.h> 101 #include <netinet6/ip6_mroute.h> 102 #include <netinet6/in6_ifattach.h> 103 #include <netinet6/scope6_var.h> 104 #include <netinet6/in6_pcb.h> 105 106 #include <net/net_osdep.h> 107 108 MALLOC_DEFINE(M_IPMADDR, "in6_multi", "internet multicast address"); 109 110 /* 111 * Definitions of some costant IP6 addresses. 112 */ 113 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 114 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 115 const struct in6_addr in6addr_nodelocal_allnodes = 116 IN6ADDR_NODELOCAL_ALLNODES_INIT; 117 const struct in6_addr in6addr_linklocal_allnodes = 118 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 119 const struct in6_addr in6addr_linklocal_allrouters = 120 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 121 122 const struct in6_addr in6mask0 = IN6MASK0; 123 const struct in6_addr in6mask32 = IN6MASK32; 124 const struct in6_addr in6mask64 = IN6MASK64; 125 const struct in6_addr in6mask96 = IN6MASK96; 126 const struct in6_addr in6mask128 = IN6MASK128; 127 128 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 129 0, 0, IN6ADDR_ANY_INIT, 0}; 130 131 static int in6_lifaddr_ioctl (struct socket *, u_long, caddr_t, 132 struct ifnet *, struct thread *); 133 static int in6_ifinit (struct ifnet *, struct in6_ifaddr *, 134 struct sockaddr_in6 *, int); 135 static void in6_unlink_ifa (struct in6_ifaddr *, struct ifnet *); 136 static void in6_ifloop_request_callback(int, int, struct rt_addrinfo *, struct rtentry *, void *); 137 138 struct in6_multihead in6_multihead; /* XXX BSS initialization */ 139 140 int (*faithprefix_p)(struct in6_addr *); 141 142 /* 143 * Subroutine for in6_ifaddloop() and in6_ifremloop(). 144 * This routine does actual work. 145 */ 146 static void 147 in6_ifloop_request(int cmd, struct ifaddr *ifa) 148 { 149 struct sockaddr_in6 all1_sa; 150 struct rt_addrinfo rtinfo; 151 int error; 152 153 bzero(&all1_sa, sizeof(all1_sa)); 154 all1_sa.sin6_family = AF_INET6; 155 all1_sa.sin6_len = sizeof(struct sockaddr_in6); 156 all1_sa.sin6_addr = in6mask128; 157 158 /* 159 * We specify the address itself as the gateway, and set the 160 * RTF_LLINFO flag, so that the corresponding host route would have 161 * the flag, and thus applications that assume traditional behavior 162 * would be happy. Note that we assume the caller of the function 163 * (probably implicitly) set nd6_rtrequest() to ifa->ifa_rtrequest, 164 * which changes the outgoing interface to the loopback interface. 165 */ 166 bzero(&rtinfo, sizeof(struct rt_addrinfo)); 167 rtinfo.rti_info[RTAX_DST] = ifa->ifa_addr; 168 rtinfo.rti_info[RTAX_GATEWAY] = ifa->ifa_addr; 169 rtinfo.rti_info[RTAX_NETMASK] = (struct sockaddr *)&all1_sa; 170 rtinfo.rti_flags = RTF_UP|RTF_HOST|RTF_LLINFO; 171 172 error = rtrequest1_global(cmd, &rtinfo, 173 in6_ifloop_request_callback, ifa); 174 if (error != 0) { 175 log(LOG_ERR, "in6_ifloop_request: " 176 "%s operation failed for %s (errno=%d)\n", 177 cmd == RTM_ADD ? "ADD" : "DELETE", 178 ip6_sprintf(&((struct in6_ifaddr *)ifa)->ia_addr.sin6_addr), 179 error); 180 } 181 } 182 183 static void 184 in6_ifloop_request_callback(int cmd, int error, struct rt_addrinfo *rtinfo, 185 struct rtentry *rt, void *arg) 186 { 187 struct ifaddr *ifa = arg; 188 189 if (error) 190 goto done; 191 192 /* 193 * Make sure rt_ifa be equal to IFA, the second argument of the 194 * function. 195 * We need this because when we refer to rt_ifa->ia6_flags in 196 * ip6_input, we assume that the rt_ifa points to the address instead 197 * of the loopback address. 198 */ 199 if (cmd == RTM_ADD && rt && ifa != rt->rt_ifa) { 200 ++rt->rt_refcnt; 201 IFAFREE(rt->rt_ifa); 202 IFAREF(ifa); 203 rt->rt_ifa = ifa; 204 --rt->rt_refcnt; 205 } 206 207 /* 208 * Report the addition/removal of the address to the routing socket. 209 * XXX: since we called rtinit for a p2p interface with a destination, 210 * we end up reporting twice in such a case. Should we rather 211 * omit the second report? 212 */ 213 if (rt) { 214 if (mycpuid == 0) 215 rt_newaddrmsg(cmd, ifa, error, rt); 216 if (cmd == RTM_DELETE) { 217 if (rt->rt_refcnt == 0) { 218 ++rt->rt_refcnt; 219 rtfree(rt); 220 } 221 } 222 } 223 done: 224 /* no way to return any new error */ 225 ; 226 } 227 228 /* 229 * Add ownaddr as loopback rtentry. We previously add the route only if 230 * necessary (ex. on a p2p link). However, since we now manage addresses 231 * separately from prefixes, we should always add the route. We can't 232 * rely on the cloning mechanism from the corresponding interface route 233 * any more. 234 */ 235 static void 236 in6_ifaddloop(struct ifaddr *ifa) 237 { 238 struct rtentry *rt; 239 240 /* If there is no loopback entry, allocate one. */ 241 rt = rtpurelookup(ifa->ifa_addr); 242 if (rt == NULL || !(rt->rt_flags & RTF_HOST) || 243 !(rt->rt_ifp->if_flags & IFF_LOOPBACK)) 244 in6_ifloop_request(RTM_ADD, ifa); 245 if (rt != NULL) 246 rt->rt_refcnt--; 247 } 248 249 /* 250 * Remove loopback rtentry of ownaddr generated by in6_ifaddloop(), 251 * if it exists. 252 */ 253 static void 254 in6_ifremloop(struct ifaddr *ifa) 255 { 256 struct in6_ifaddr *ia; 257 struct rtentry *rt; 258 int ia_count = 0; 259 260 /* 261 * Some of BSD variants do not remove cloned routes 262 * from an interface direct route, when removing the direct route 263 * (see comments in net/net_osdep.h). Even for variants that do remove 264 * cloned routes, they could fail to remove the cloned routes when 265 * we handle multple addresses that share a common prefix. 266 * So, we should remove the route corresponding to the deleted address 267 * regardless of the result of in6_is_ifloop_auto(). 268 */ 269 270 /* 271 * Delete the entry only if exact one ifa exists. More than one ifa 272 * can exist if we assign a same single address to multiple 273 * (probably p2p) interfaces. 274 * XXX: we should avoid such a configuration in IPv6... 275 */ 276 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 277 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) { 278 ia_count++; 279 if (ia_count > 1) 280 break; 281 } 282 } 283 284 if (ia_count == 1) { 285 /* 286 * Before deleting, check if a corresponding loopbacked host 287 * route surely exists. With this check, we can avoid to 288 * delete an interface direct route whose destination is same 289 * as the address being removed. This can happen when remofing 290 * a subnet-router anycast address on an interface attahced 291 * to a shared medium. 292 */ 293 rt = rtpurelookup(ifa->ifa_addr); 294 if (rt != NULL && (rt->rt_flags & RTF_HOST) && 295 (rt->rt_ifp->if_flags & IFF_LOOPBACK)) { 296 rt->rt_refcnt--; 297 in6_ifloop_request(RTM_DELETE, ifa); 298 } 299 } 300 } 301 302 int 303 in6_ifindex2scopeid(int idx) 304 { 305 struct ifnet *ifp; 306 struct ifaddr *ifa; 307 struct sockaddr_in6 *sin6; 308 309 if (idx < 0 || if_index < idx) 310 return -1; 311 ifp = ifindex2ifnet[idx]; 312 313 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 314 { 315 if (ifa->ifa_addr->sa_family != AF_INET6) 316 continue; 317 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr; 318 if (IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr)) 319 return sin6->sin6_scope_id & 0xffff; 320 } 321 322 return -1; 323 } 324 325 int 326 in6_mask2len(struct in6_addr *mask, u_char *lim0) 327 { 328 int x = 0, y; 329 u_char *lim = lim0, *p; 330 331 if (lim0 == NULL || 332 lim0 - (u_char *)mask > sizeof(*mask)) /* ignore the scope_id part */ 333 lim = (u_char *)mask + sizeof(*mask); 334 for (p = (u_char *)mask; p < lim; x++, p++) { 335 if (*p != 0xff) 336 break; 337 } 338 y = 0; 339 if (p < lim) { 340 for (y = 0; y < 8; y++) { 341 if ((*p & (0x80 >> y)) == 0) 342 break; 343 } 344 } 345 346 /* 347 * when the limit pointer is given, do a stricter check on the 348 * remaining bits. 349 */ 350 if (p < lim) { 351 if (y != 0 && (*p & (0x00ff >> y)) != 0) 352 return(-1); 353 for (p = p + 1; p < lim; p++) 354 if (*p != 0) 355 return(-1); 356 } 357 358 return x * 8 + y; 359 } 360 361 void 362 in6_len2mask(struct in6_addr *mask, int len) 363 { 364 int i; 365 366 bzero(mask, sizeof(*mask)); 367 for (i = 0; i < len / 8; i++) 368 mask->s6_addr8[i] = 0xff; 369 if (len % 8) 370 mask->s6_addr8[i] = (0xff00 >> (len % 8)) & 0xff; 371 } 372 373 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 374 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 375 376 int 377 in6_control(struct socket *so, u_long cmd, caddr_t data, 378 struct ifnet *ifp, struct thread *td) 379 { 380 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 381 struct in6_ifaddr *ia = NULL; 382 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 383 int privileged; 384 int error; 385 386 privileged = 0; 387 if (suser(td) == 0) 388 privileged++; 389 390 switch (cmd) { 391 case SIOCGETSGCNT_IN6: 392 case SIOCGETMIFCNT_IN6: 393 return (mrt6_ioctl(cmd, data)); 394 } 395 396 if (ifp == NULL) 397 return(EOPNOTSUPP); 398 399 switch (cmd) { 400 case SIOCSNDFLUSH_IN6: 401 case SIOCSPFXFLUSH_IN6: 402 case SIOCSRTRFLUSH_IN6: 403 case SIOCSDEFIFACE_IN6: 404 case SIOCSIFINFO_FLAGS: 405 if (!privileged) 406 return(EPERM); 407 /* fall through */ 408 case OSIOCGIFINFO_IN6: 409 case SIOCGIFINFO_IN6: 410 case SIOCGDRLST_IN6: 411 case SIOCGPRLST_IN6: 412 case SIOCGNBRINFO_IN6: 413 case SIOCGDEFIFACE_IN6: 414 return(nd6_ioctl(cmd, data, ifp)); 415 } 416 417 switch (cmd) { 418 case SIOCSIFPREFIX_IN6: 419 case SIOCDIFPREFIX_IN6: 420 case SIOCAIFPREFIX_IN6: 421 case SIOCCIFPREFIX_IN6: 422 case SIOCSGIFPREFIX_IN6: 423 case SIOCGIFPREFIX_IN6: 424 log(LOG_NOTICE, 425 "prefix ioctls are now invalidated. " 426 "please use ifconfig.\n"); 427 return(EOPNOTSUPP); 428 } 429 430 switch (cmd) { 431 case SIOCSSCOPE6: 432 if (!privileged) 433 return(EPERM); 434 return(scope6_set(ifp, 435 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 436 break; 437 case SIOCGSCOPE6: 438 return(scope6_get(ifp, 439 (struct scope6_id *)ifr->ifr_ifru.ifru_scope_id)); 440 break; 441 case SIOCGSCOPE6DEF: 442 return(scope6_get_default((struct scope6_id *) 443 ifr->ifr_ifru.ifru_scope_id)); 444 break; 445 } 446 447 switch (cmd) { 448 case SIOCALIFADDR: 449 case SIOCDLIFADDR: 450 if (!privileged) 451 return(EPERM); 452 /* fall through */ 453 case SIOCGLIFADDR: 454 return in6_lifaddr_ioctl(so, cmd, data, ifp, td); 455 } 456 457 /* 458 * Find address for this interface, if it exists. 459 */ 460 if (ifra->ifra_addr.sin6_family == AF_INET6) { /* XXX */ 461 struct sockaddr_in6 *sa6 = 462 (struct sockaddr_in6 *)&ifra->ifra_addr; 463 464 if (IN6_IS_ADDR_LINKLOCAL(&sa6->sin6_addr)) { 465 if (sa6->sin6_addr.s6_addr16[1] == 0) { 466 /* link ID is not embedded by the user */ 467 sa6->sin6_addr.s6_addr16[1] = 468 htons(ifp->if_index); 469 } else if (sa6->sin6_addr.s6_addr16[1] != 470 htons(ifp->if_index)) { 471 return(EINVAL); /* link ID contradicts */ 472 } 473 if (sa6->sin6_scope_id) { 474 if (sa6->sin6_scope_id != 475 (u_int32_t)ifp->if_index) 476 return(EINVAL); 477 sa6->sin6_scope_id = 0; /* XXX: good way? */ 478 } 479 } 480 ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr); 481 } 482 483 switch (cmd) { 484 case SIOCSIFADDR_IN6: 485 case SIOCSIFDSTADDR_IN6: 486 case SIOCSIFNETMASK_IN6: 487 /* 488 * Since IPv6 allows a node to assign multiple addresses 489 * on a single interface, SIOCSIFxxx ioctls are not suitable 490 * and should be unused. 491 */ 492 /* we decided to obsolete this command (20000704) */ 493 return(EINVAL); 494 495 case SIOCDIFADDR_IN6: 496 /* 497 * for IPv4, we look for existing in_ifaddr here to allow 498 * "ifconfig if0 delete" to remove first IPv4 address on the 499 * interface. For IPv6, as the spec allow multiple interface 500 * address from the day one, we consider "remove the first one" 501 * semantics to be not preferable. 502 */ 503 if (ia == NULL) 504 return(EADDRNOTAVAIL); 505 /* FALLTHROUGH */ 506 case SIOCAIFADDR_IN6: 507 /* 508 * We always require users to specify a valid IPv6 address for 509 * the corresponding operation. 510 */ 511 if (ifra->ifra_addr.sin6_family != AF_INET6 || 512 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 513 return(EAFNOSUPPORT); 514 if (!privileged) 515 return(EPERM); 516 517 break; 518 519 case SIOCGIFADDR_IN6: 520 /* This interface is basically deprecated. use SIOCGIFCONF. */ 521 /* fall through */ 522 case SIOCGIFAFLAG_IN6: 523 case SIOCGIFNETMASK_IN6: 524 case SIOCGIFDSTADDR_IN6: 525 case SIOCGIFALIFETIME_IN6: 526 /* must think again about its semantics */ 527 if (ia == NULL) 528 return(EADDRNOTAVAIL); 529 break; 530 case SIOCSIFALIFETIME_IN6: 531 { 532 struct in6_addrlifetime *lt; 533 534 if (!privileged) 535 return(EPERM); 536 if (ia == NULL) 537 return(EADDRNOTAVAIL); 538 /* sanity for overflow - beware unsigned */ 539 lt = &ifr->ifr_ifru.ifru_lifetime; 540 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 541 && lt->ia6t_vltime + time_second < time_second) { 542 return EINVAL; 543 } 544 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 545 && lt->ia6t_pltime + time_second < time_second) { 546 return EINVAL; 547 } 548 break; 549 } 550 } 551 552 switch (cmd) { 553 554 case SIOCGIFADDR_IN6: 555 ifr->ifr_addr = ia->ia_addr; 556 break; 557 558 case SIOCGIFDSTADDR_IN6: 559 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 560 return(EINVAL); 561 /* 562 * XXX: should we check if ifa_dstaddr is NULL and return 563 * an error? 564 */ 565 ifr->ifr_dstaddr = ia->ia_dstaddr; 566 break; 567 568 case SIOCGIFNETMASK_IN6: 569 ifr->ifr_addr = ia->ia_prefixmask; 570 break; 571 572 case SIOCGIFAFLAG_IN6: 573 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 574 break; 575 576 case SIOCGIFSTAT_IN6: 577 if (ifp == NULL) 578 return EINVAL; 579 bzero(&ifr->ifr_ifru.ifru_stat, 580 sizeof(ifr->ifr_ifru.ifru_stat)); 581 ifr->ifr_ifru.ifru_stat = 582 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 583 break; 584 585 case SIOCGIFSTAT_ICMP6: 586 bzero(&ifr->ifr_ifru.ifru_stat, 587 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 588 ifr->ifr_ifru.ifru_icmp6stat = 589 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 590 break; 591 592 case SIOCGIFALIFETIME_IN6: 593 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 594 break; 595 596 case SIOCSIFALIFETIME_IN6: 597 ia->ia6_lifetime = ifr->ifr_ifru.ifru_lifetime; 598 /* for sanity */ 599 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 600 ia->ia6_lifetime.ia6t_expire = 601 time_second + ia->ia6_lifetime.ia6t_vltime; 602 } else 603 ia->ia6_lifetime.ia6t_expire = 0; 604 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 605 ia->ia6_lifetime.ia6t_preferred = 606 time_second + ia->ia6_lifetime.ia6t_pltime; 607 } else 608 ia->ia6_lifetime.ia6t_preferred = 0; 609 break; 610 611 case SIOCAIFADDR_IN6: 612 { 613 int i, error = 0; 614 struct nd_prefix pr0, *pr; 615 616 /* 617 * first, make or update the interface address structure, 618 * and link it to the list. 619 */ 620 if ((error = in6_update_ifa(ifp, ifra, ia)) != 0) 621 return(error); 622 623 /* 624 * then, make the prefix on-link on the interface. 625 * XXX: we'd rather create the prefix before the address, but 626 * we need at least one address to install the corresponding 627 * interface route, so we configure the address first. 628 */ 629 630 /* 631 * convert mask to prefix length (prefixmask has already 632 * been validated in in6_update_ifa(). 633 */ 634 bzero(&pr0, sizeof(pr0)); 635 pr0.ndpr_ifp = ifp; 636 pr0.ndpr_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 637 NULL); 638 if (pr0.ndpr_plen == 128) 639 break; /* we don't need to install a host route. */ 640 pr0.ndpr_prefix = ifra->ifra_addr; 641 pr0.ndpr_mask = ifra->ifra_prefixmask.sin6_addr; 642 /* apply the mask for safety. */ 643 for (i = 0; i < 4; i++) { 644 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 645 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 646 } 647 /* 648 * XXX: since we don't have an API to set prefix (not address) 649 * lifetimes, we just use the same lifetimes as addresses. 650 * The (temporarily) installed lifetimes can be overridden by 651 * later advertised RAs (when accept_rtadv is non 0), which is 652 * an intended behavior. 653 */ 654 pr0.ndpr_raf_onlink = 1; /* should be configurable? */ 655 pr0.ndpr_raf_auto = 656 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 657 pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime; 658 pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime; 659 660 /* add the prefix if there's one. */ 661 if ((pr = nd6_prefix_lookup(&pr0)) == NULL) { 662 /* 663 * nd6_prelist_add will install the corresponding 664 * interface route. 665 */ 666 if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) 667 return(error); 668 if (pr == NULL) { 669 log(LOG_ERR, "nd6_prelist_add succedded but " 670 "no prefix\n"); 671 return(EINVAL); /* XXX panic here? */ 672 } 673 } 674 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 675 == NULL) { 676 /* XXX: this should not happen! */ 677 log(LOG_ERR, "in6_control: addition succeeded, but" 678 " no ifaddr\n"); 679 } else { 680 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0 && 681 ia->ia6_ndpr == NULL) { /* new autoconfed addr */ 682 ia->ia6_ndpr = pr; 683 pr->ndpr_refcnt++; 684 685 /* 686 * If this is the first autoconf address from 687 * the prefix, create a temporary address 688 * as well (when specified). 689 */ 690 if (ip6_use_tempaddr && 691 pr->ndpr_refcnt == 1) { 692 int e; 693 if ((e = in6_tmpifadd(ia, 1)) != 0) { 694 log(LOG_NOTICE, "in6_control: " 695 "failed to create a " 696 "temporary address, " 697 "errno=%d\n", 698 e); 699 } 700 } 701 } 702 703 /* 704 * this might affect the status of autoconfigured 705 * addresses, that is, this address might make 706 * other addresses detached. 707 */ 708 pfxlist_onlink_check(); 709 } 710 if (error == 0 && ia) 711 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 712 break; 713 } 714 715 case SIOCDIFADDR_IN6: 716 { 717 int i = 0; 718 struct nd_prefix pr0, *pr; 719 720 /* 721 * If the address being deleted is the only one that owns 722 * the corresponding prefix, expire the prefix as well. 723 * XXX: theoretically, we don't have to warry about such 724 * relationship, since we separate the address management 725 * and the prefix management. We do this, however, to provide 726 * as much backward compatibility as possible in terms of 727 * the ioctl operation. 728 */ 729 bzero(&pr0, sizeof(pr0)); 730 pr0.ndpr_ifp = ifp; 731 pr0.ndpr_plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, 732 NULL); 733 if (pr0.ndpr_plen == 128) 734 goto purgeaddr; 735 pr0.ndpr_prefix = ia->ia_addr; 736 pr0.ndpr_mask = ia->ia_prefixmask.sin6_addr; 737 for (i = 0; i < 4; i++) { 738 pr0.ndpr_prefix.sin6_addr.s6_addr32[i] &= 739 ia->ia_prefixmask.sin6_addr.s6_addr32[i]; 740 } 741 /* 742 * The logic of the following condition is a bit complicated. 743 * We expire the prefix when 744 * 1. the address obeys autoconfiguration and it is the 745 * only owner of the associated prefix, or 746 * 2. the address does not obey autoconf and there is no 747 * other owner of the prefix. 748 */ 749 if ((pr = nd6_prefix_lookup(&pr0)) != NULL && 750 (((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0 && 751 pr->ndpr_refcnt == 1) || 752 ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 0 && 753 pr->ndpr_refcnt == 0))) { 754 pr->ndpr_expire = 1; /* XXX: just for expiration */ 755 } 756 757 purgeaddr: 758 in6_purgeaddr(&ia->ia_ifa); 759 EVENTHANDLER_INVOKE(ifaddr_event, ifp); 760 break; 761 } 762 763 default: 764 if (ifp == NULL || ifp->if_ioctl == 0) 765 return(EOPNOTSUPP); 766 lwkt_serialize_enter(ifp->if_serializer); 767 error = ifp->if_ioctl(ifp, cmd, data, td->td_proc->p_ucred); 768 lwkt_serialize_exit(ifp->if_serializer); 769 return (error); 770 } 771 772 return(0); 773 } 774 775 /* 776 * Update parameters of an IPv6 interface address. 777 * If necessary, a new entry is created and linked into address chains. 778 * This function is separated from in6_control(). 779 * XXX: should this be performed under splnet()? 780 */ 781 int 782 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 783 struct in6_ifaddr *ia) 784 { 785 int error = 0, hostIsNew = 0, plen = -1; 786 struct in6_ifaddr *oia; 787 struct sockaddr_in6 dst6; 788 struct in6_addrlifetime *lt; 789 790 /* Validate parameters */ 791 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 792 return(EINVAL); 793 794 /* 795 * The destination address for a p2p link must have a family 796 * of AF_UNSPEC or AF_INET6. 797 */ 798 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 799 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 800 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 801 return(EAFNOSUPPORT); 802 /* 803 * validate ifra_prefixmask. don't check sin6_family, netmask 804 * does not carry fields other than sin6_len. 805 */ 806 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 807 return(EINVAL); 808 /* 809 * Because the IPv6 address architecture is classless, we require 810 * users to specify a (non 0) prefix length (mask) for a new address. 811 * We also require the prefix (when specified) mask is valid, and thus 812 * reject a non-consecutive mask. 813 */ 814 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 815 return(EINVAL); 816 if (ifra->ifra_prefixmask.sin6_len != 0) { 817 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 818 (u_char *)&ifra->ifra_prefixmask + 819 ifra->ifra_prefixmask.sin6_len); 820 if (plen <= 0) 821 return(EINVAL); 822 } 823 else { 824 /* 825 * In this case, ia must not be NULL. We just use its prefix 826 * length. 827 */ 828 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 829 } 830 /* 831 * If the destination address on a p2p interface is specified, 832 * and the address is a scoped one, validate/set the scope 833 * zone identifier. 834 */ 835 dst6 = ifra->ifra_dstaddr; 836 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) && 837 (dst6.sin6_family == AF_INET6)) { 838 int scopeid; 839 840 if ((error = in6_recoverscope(&dst6, 841 &ifra->ifra_dstaddr.sin6_addr, 842 ifp)) != 0) 843 return(error); 844 scopeid = in6_addr2scopeid(ifp, &dst6.sin6_addr); 845 if (dst6.sin6_scope_id == 0) /* user omit to specify the ID. */ 846 dst6.sin6_scope_id = scopeid; 847 else if (dst6.sin6_scope_id != scopeid) 848 return(EINVAL); /* scope ID mismatch. */ 849 if ((error = in6_embedscope(&dst6.sin6_addr, &dst6, NULL, NULL)) 850 != 0) 851 return(error); 852 dst6.sin6_scope_id = 0; /* XXX */ 853 } 854 /* 855 * The destination address can be specified only for a p2p or a 856 * loopback interface. If specified, the corresponding prefix length 857 * must be 128. 858 */ 859 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 860 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 861 /* XXX: noisy message */ 862 log(LOG_INFO, "in6_update_ifa: a destination can be " 863 "specified for a p2p or a loopback IF only\n"); 864 return(EINVAL); 865 } 866 if (plen != 128) { 867 /* 868 * The following message seems noisy, but we dare to 869 * add it for diagnosis. 870 */ 871 log(LOG_INFO, "in6_update_ifa: prefixlen must be 128 " 872 "when dstaddr is specified\n"); 873 return(EINVAL); 874 } 875 } 876 /* lifetime consistency check */ 877 lt = &ifra->ifra_lifetime; 878 if (lt->ia6t_vltime != ND6_INFINITE_LIFETIME 879 && lt->ia6t_vltime + time_second < time_second) { 880 return EINVAL; 881 } 882 if (lt->ia6t_vltime == 0) { 883 /* 884 * the following log might be noisy, but this is a typical 885 * configuration mistake or a tool's bug. 886 */ 887 log(LOG_INFO, 888 "in6_update_ifa: valid lifetime is 0 for %s\n", 889 ip6_sprintf(&ifra->ifra_addr.sin6_addr)); 890 } 891 if (lt->ia6t_pltime != ND6_INFINITE_LIFETIME 892 && lt->ia6t_pltime + time_second < time_second) { 893 return EINVAL; 894 } 895 896 /* 897 * If this is a new address, allocate a new ifaddr and link it 898 * into chains. 899 */ 900 if (ia == NULL) { 901 hostIsNew = 1; 902 /* 903 * When in6_update_ifa() is called in a process of a received 904 * RA, it is called under splnet(). So, we should call malloc 905 * with M_NOWAIT. 906 */ 907 ia = (struct in6_ifaddr *) 908 malloc(sizeof(*ia), M_IFADDR, M_NOWAIT); 909 if (ia == NULL) 910 return (ENOBUFS); 911 bzero((caddr_t)ia, sizeof(*ia)); 912 /* Initialize the address and masks */ 913 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 914 ia->ia_addr.sin6_family = AF_INET6; 915 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 916 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 917 /* 918 * XXX: some functions expect that ifa_dstaddr is not 919 * NULL for p2p interfaces. 920 */ 921 ia->ia_ifa.ifa_dstaddr 922 = (struct sockaddr *)&ia->ia_dstaddr; 923 } else { 924 ia->ia_ifa.ifa_dstaddr = NULL; 925 } 926 ia->ia_ifa.ifa_netmask 927 = (struct sockaddr *)&ia->ia_prefixmask; 928 929 ia->ia_ifp = ifp; 930 if ((oia = in6_ifaddr) != NULL) { 931 for ( ; oia->ia_next; oia = oia->ia_next) 932 continue; 933 oia->ia_next = ia; 934 } else 935 in6_ifaddr = ia; 936 937 TAILQ_INSERT_TAIL(&ifp->if_addrlist, &ia->ia_ifa, 938 ifa_list); 939 } 940 941 /* set prefix mask */ 942 if (ifra->ifra_prefixmask.sin6_len) { 943 /* 944 * We prohibit changing the prefix length of an existing 945 * address, because 946 * + such an operation should be rare in IPv6, and 947 * + the operation would confuse prefix management. 948 */ 949 if (ia->ia_prefixmask.sin6_len && 950 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 951 log(LOG_INFO, "in6_update_ifa: the prefix length of an" 952 " existing (%s) address should not be changed\n", 953 ip6_sprintf(&ia->ia_addr.sin6_addr)); 954 error = EINVAL; 955 goto unlink; 956 } 957 ia->ia_prefixmask = ifra->ifra_prefixmask; 958 } 959 960 /* 961 * If a new destination address is specified, scrub the old one and 962 * install the new destination. Note that the interface must be 963 * p2p or loopback (see the check above.) 964 */ 965 if (dst6.sin6_family == AF_INET6 && 966 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, 967 &ia->ia_dstaddr.sin6_addr)) { 968 int e; 969 970 if ((ia->ia_flags & IFA_ROUTE) != 0 && 971 (e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 972 != 0) { 973 log(LOG_ERR, "in6_update_ifa: failed to remove " 974 "a route to the old destination: %s\n", 975 ip6_sprintf(&ia->ia_addr.sin6_addr)); 976 /* proceed anyway... */ 977 } 978 else 979 ia->ia_flags &= ~IFA_ROUTE; 980 ia->ia_dstaddr = dst6; 981 } 982 983 /* reset the interface and routing table appropriately. */ 984 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) 985 goto unlink; 986 987 /* 988 * Beyond this point, we should call in6_purgeaddr upon an error, 989 * not just go to unlink. 990 */ 991 992 #if 0 /* disable this mechanism for now */ 993 /* update prefix list */ 994 if (hostIsNew && 995 (ifra->ifra_flags & IN6_IFF_NOPFX) == 0) { /* XXX */ 996 int iilen; 997 998 iilen = (sizeof(ia->ia_prefixmask.sin6_addr) << 3) - plen; 999 if ((error = in6_prefix_add_ifid(iilen, ia)) != 0) { 1000 in6_purgeaddr((struct ifaddr *)ia); 1001 return(error); 1002 } 1003 } 1004 #endif 1005 1006 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1007 struct sockaddr_in6 mltaddr, mltmask; 1008 struct in6_multi *in6m; 1009 1010 if (hostIsNew) { 1011 /* 1012 * join solicited multicast addr for new host id 1013 */ 1014 struct in6_addr llsol; 1015 bzero(&llsol, sizeof(struct in6_addr)); 1016 llsol.s6_addr16[0] = htons(0xff02); 1017 llsol.s6_addr16[1] = htons(ifp->if_index); 1018 llsol.s6_addr32[1] = 0; 1019 llsol.s6_addr32[2] = htonl(1); 1020 llsol.s6_addr32[3] = 1021 ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1022 llsol.s6_addr8[12] = 0xff; 1023 in6_addmulti(&llsol, ifp, &error); 1024 if (error != 0) { 1025 log(LOG_WARNING, 1026 "in6_update_ifa: addmulti failed for " 1027 "%s on %s (errno=%d)\n", 1028 ip6_sprintf(&llsol), if_name(ifp), 1029 error); 1030 in6_purgeaddr((struct ifaddr *)ia); 1031 return(error); 1032 } 1033 } 1034 1035 bzero(&mltmask, sizeof(mltmask)); 1036 mltmask.sin6_len = sizeof(struct sockaddr_in6); 1037 mltmask.sin6_family = AF_INET6; 1038 mltmask.sin6_addr = in6mask32; 1039 1040 /* 1041 * join link-local all-nodes address 1042 */ 1043 bzero(&mltaddr, sizeof(mltaddr)); 1044 mltaddr.sin6_len = sizeof(struct sockaddr_in6); 1045 mltaddr.sin6_family = AF_INET6; 1046 mltaddr.sin6_addr = in6addr_linklocal_allnodes; 1047 mltaddr.sin6_addr.s6_addr16[1] = htons(ifp->if_index); 1048 1049 IN6_LOOKUP_MULTI(mltaddr.sin6_addr, ifp, in6m); 1050 if (in6m == NULL) { 1051 rtrequest_global(RTM_ADD, 1052 (struct sockaddr *)&mltaddr, 1053 (struct sockaddr *)&ia->ia_addr, 1054 (struct sockaddr *)&mltmask, 1055 RTF_UP|RTF_CLONING); /* xxx */ 1056 in6_addmulti(&mltaddr.sin6_addr, ifp, &error); 1057 if (error != 0) { 1058 log(LOG_WARNING, 1059 "in6_update_ifa: addmulti failed for " 1060 "%s on %s (errno=%d)\n", 1061 ip6_sprintf(&mltaddr.sin6_addr), 1062 if_name(ifp), error); 1063 } 1064 } 1065 1066 /* 1067 * join node information group address 1068 */ 1069 #define hostnamelen strlen(hostname) 1070 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr.sin6_addr) 1071 == 0) { 1072 IN6_LOOKUP_MULTI(mltaddr.sin6_addr, ifp, in6m); 1073 if (in6m == NULL && ia != NULL) { 1074 in6_addmulti(&mltaddr.sin6_addr, ifp, &error); 1075 if (error != 0) { 1076 log(LOG_WARNING, "in6_update_ifa: " 1077 "addmulti failed for " 1078 "%s on %s (errno=%d)\n", 1079 ip6_sprintf(&mltaddr.sin6_addr), 1080 if_name(ifp), error); 1081 } 1082 } 1083 } 1084 #undef hostnamelen 1085 1086 /* 1087 * join node-local all-nodes address, on loopback. 1088 * XXX: since "node-local" is obsoleted by interface-local, 1089 * we have to join the group on every interface with 1090 * some interface-boundary restriction. 1091 */ 1092 if (ifp->if_flags & IFF_LOOPBACK) { 1093 struct in6_ifaddr *ia_loop; 1094 1095 struct in6_addr loop6 = in6addr_loopback; 1096 ia_loop = in6ifa_ifpwithaddr(ifp, &loop6); 1097 1098 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1099 1100 IN6_LOOKUP_MULTI(mltaddr.sin6_addr, ifp, in6m); 1101 if (in6m == NULL && ia_loop != NULL) { 1102 rtrequest_global(RTM_ADD, 1103 (struct sockaddr *)&mltaddr, 1104 (struct sockaddr *)&ia_loop->ia_addr, 1105 (struct sockaddr *)&mltmask, 1106 RTF_UP); 1107 in6_addmulti(&mltaddr.sin6_addr, ifp, &error); 1108 if (error != 0) { 1109 log(LOG_WARNING, "in6_update_ifa: " 1110 "addmulti failed for %s on %s " 1111 "(errno=%d)\n", 1112 ip6_sprintf(&mltaddr.sin6_addr), 1113 if_name(ifp), error); 1114 } 1115 } 1116 } 1117 } 1118 1119 ia->ia6_flags = ifra->ifra_flags; 1120 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /*safety*/ 1121 ia->ia6_flags &= ~IN6_IFF_NODAD; /* Mobile IPv6 */ 1122 1123 ia->ia6_lifetime = ifra->ifra_lifetime; 1124 /* for sanity */ 1125 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 1126 ia->ia6_lifetime.ia6t_expire = 1127 time_second + ia->ia6_lifetime.ia6t_vltime; 1128 } else 1129 ia->ia6_lifetime.ia6t_expire = 0; 1130 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 1131 ia->ia6_lifetime.ia6t_preferred = 1132 time_second + ia->ia6_lifetime.ia6t_pltime; 1133 } else 1134 ia->ia6_lifetime.ia6t_preferred = 0; 1135 1136 /* 1137 * Perform DAD, if needed. 1138 * XXX It may be of use, if we can administratively 1139 * disable DAD. 1140 */ 1141 if (in6if_do_dad(ifp) && (ifra->ifra_flags & IN6_IFF_NODAD) == 0) { 1142 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1143 nd6_dad_start((struct ifaddr *)ia, NULL); 1144 } 1145 1146 return(error); 1147 1148 unlink: 1149 /* 1150 * XXX: if a change of an existing address failed, keep the entry 1151 * anyway. 1152 */ 1153 if (hostIsNew) 1154 in6_unlink_ifa(ia, ifp); 1155 return(error); 1156 } 1157 1158 void 1159 in6_purgeaddr(struct ifaddr *ifa) 1160 { 1161 struct ifnet *ifp = ifa->ifa_ifp; 1162 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1163 1164 /* stop DAD processing */ 1165 nd6_dad_stop(ifa); 1166 1167 /* 1168 * delete route to the destination of the address being purged. 1169 * The interface must be p2p or loopback in this case. 1170 */ 1171 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1172 int e; 1173 1174 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1175 != 0) { 1176 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1177 "a route to the p2p destination: %s on %s, " 1178 "errno=%d\n", 1179 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1180 e); 1181 /* proceed anyway... */ 1182 } 1183 else 1184 ia->ia_flags &= ~IFA_ROUTE; 1185 } 1186 1187 /* Remove ownaddr's loopback rtentry, if it exists. */ 1188 in6_ifremloop(&(ia->ia_ifa)); 1189 1190 if (ifp->if_flags & IFF_MULTICAST) { 1191 /* 1192 * delete solicited multicast addr for deleting host id 1193 */ 1194 struct in6_multi *in6m; 1195 struct in6_addr llsol; 1196 bzero(&llsol, sizeof(struct in6_addr)); 1197 llsol.s6_addr16[0] = htons(0xff02); 1198 llsol.s6_addr16[1] = htons(ifp->if_index); 1199 llsol.s6_addr32[1] = 0; 1200 llsol.s6_addr32[2] = htonl(1); 1201 llsol.s6_addr32[3] = 1202 ia->ia_addr.sin6_addr.s6_addr32[3]; 1203 llsol.s6_addr8[12] = 0xff; 1204 1205 IN6_LOOKUP_MULTI(llsol, ifp, in6m); 1206 if (in6m) 1207 in6_delmulti(in6m); 1208 } 1209 1210 in6_unlink_ifa(ia, ifp); 1211 } 1212 1213 static void 1214 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1215 { 1216 int plen, iilen; 1217 struct in6_ifaddr *oia; 1218 1219 crit_enter(); 1220 1221 TAILQ_REMOVE(&ifp->if_addrlist, &ia->ia_ifa, ifa_list); 1222 1223 oia = ia; 1224 if (oia == (ia = in6_ifaddr)) 1225 in6_ifaddr = ia->ia_next; 1226 else { 1227 while (ia->ia_next && (ia->ia_next != oia)) 1228 ia = ia->ia_next; 1229 if (ia->ia_next) 1230 ia->ia_next = oia->ia_next; 1231 else { 1232 /* search failed */ 1233 printf("Couldn't unlink in6_ifaddr from in6_ifaddr\n"); 1234 } 1235 } 1236 1237 if (oia->ia6_ifpr) { /* check for safety */ 1238 plen = in6_mask2len(&oia->ia_prefixmask.sin6_addr, NULL); 1239 iilen = (sizeof(oia->ia_prefixmask.sin6_addr) << 3) - plen; 1240 in6_prefix_remove_ifid(iilen, oia); 1241 } 1242 1243 /* 1244 * When an autoconfigured address is being removed, release the 1245 * reference to the base prefix. Also, since the release might 1246 * affect the status of other (detached) addresses, call 1247 * pfxlist_onlink_check(). 1248 */ 1249 if ((oia->ia6_flags & IN6_IFF_AUTOCONF) != 0) { 1250 if (oia->ia6_ndpr == NULL) { 1251 log(LOG_NOTICE, "in6_unlink_ifa: autoconf'ed address " 1252 "%p has no prefix\n", oia); 1253 } else { 1254 oia->ia6_ndpr->ndpr_refcnt--; 1255 oia->ia6_flags &= ~IN6_IFF_AUTOCONF; 1256 oia->ia6_ndpr = NULL; 1257 } 1258 1259 pfxlist_onlink_check(); 1260 } 1261 1262 /* 1263 * release another refcnt for the link from in6_ifaddr. 1264 * Note that we should decrement the refcnt at least once for all *BSD. 1265 */ 1266 IFAFREE(&oia->ia_ifa); 1267 1268 crit_exit(); 1269 } 1270 1271 void 1272 in6_purgeif(struct ifnet *ifp) 1273 { 1274 struct ifaddr *ifa, *nifa; 1275 1276 for (ifa = TAILQ_FIRST(&ifp->if_addrlist); ifa != NULL; ifa = nifa) 1277 { 1278 nifa = TAILQ_NEXT(ifa, ifa_list); 1279 if (ifa->ifa_addr->sa_family != AF_INET6) 1280 continue; 1281 in6_purgeaddr(ifa); 1282 } 1283 1284 in6_ifdetach(ifp); 1285 } 1286 1287 /* 1288 * SIOC[GAD]LIFADDR. 1289 * SIOCGLIFADDR: get first address. (?) 1290 * SIOCGLIFADDR with IFLR_PREFIX: 1291 * get first address that matches the specified prefix. 1292 * SIOCALIFADDR: add the specified address. 1293 * SIOCALIFADDR with IFLR_PREFIX: 1294 * add the specified prefix, filling hostid part from 1295 * the first link-local address. prefixlen must be <= 64. 1296 * SIOCDLIFADDR: delete the specified address. 1297 * SIOCDLIFADDR with IFLR_PREFIX: 1298 * delete the first address that matches the specified prefix. 1299 * return values: 1300 * EINVAL on invalid parameters 1301 * EADDRNOTAVAIL on prefix match failed/specified address not found 1302 * other values may be returned from in6_ioctl() 1303 * 1304 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1305 * this is to accomodate address naming scheme other than RFC2374, 1306 * in the future. 1307 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1308 * address encoding scheme. (see figure on page 8) 1309 */ 1310 static int 1311 in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data, 1312 struct ifnet *ifp, struct thread *td) 1313 { 1314 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1315 struct ifaddr *ifa; 1316 struct sockaddr *sa; 1317 1318 /* sanity checks */ 1319 if (!data || !ifp) { 1320 panic("invalid argument to in6_lifaddr_ioctl"); 1321 /*NOTRECHED*/ 1322 } 1323 1324 switch (cmd) { 1325 case SIOCGLIFADDR: 1326 /* address must be specified on GET with IFLR_PREFIX */ 1327 if ((iflr->flags & IFLR_PREFIX) == 0) 1328 break; 1329 /* FALLTHROUGH */ 1330 case SIOCALIFADDR: 1331 case SIOCDLIFADDR: 1332 /* address must be specified on ADD and DELETE */ 1333 sa = (struct sockaddr *)&iflr->addr; 1334 if (sa->sa_family != AF_INET6) 1335 return EINVAL; 1336 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1337 return EINVAL; 1338 /* XXX need improvement */ 1339 sa = (struct sockaddr *)&iflr->dstaddr; 1340 if (sa->sa_family && sa->sa_family != AF_INET6) 1341 return EINVAL; 1342 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1343 return EINVAL; 1344 break; 1345 default: /* shouldn't happen */ 1346 #if 0 1347 panic("invalid cmd to in6_lifaddr_ioctl"); 1348 /* NOTREACHED */ 1349 #else 1350 return EOPNOTSUPP; 1351 #endif 1352 } 1353 if (sizeof(struct in6_addr) * 8 < iflr->prefixlen) 1354 return EINVAL; 1355 1356 switch (cmd) { 1357 case SIOCALIFADDR: 1358 { 1359 struct in6_aliasreq ifra; 1360 struct in6_addr *hostid = NULL; 1361 int prefixlen; 1362 1363 if ((iflr->flags & IFLR_PREFIX) != 0) { 1364 struct sockaddr_in6 *sin6; 1365 1366 /* 1367 * hostid is to fill in the hostid part of the 1368 * address. hostid points to the first link-local 1369 * address attached to the interface. 1370 */ 1371 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 0); 1372 if (!ifa) 1373 return EADDRNOTAVAIL; 1374 hostid = IFA_IN6(ifa); 1375 1376 /* prefixlen must be <= 64. */ 1377 if (64 < iflr->prefixlen) 1378 return EINVAL; 1379 prefixlen = iflr->prefixlen; 1380 1381 /* hostid part must be zero. */ 1382 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1383 if (sin6->sin6_addr.s6_addr32[2] != 0 1384 || sin6->sin6_addr.s6_addr32[3] != 0) { 1385 return EINVAL; 1386 } 1387 } else 1388 prefixlen = iflr->prefixlen; 1389 1390 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1391 bzero(&ifra, sizeof(ifra)); 1392 bcopy(iflr->iflr_name, ifra.ifra_name, 1393 sizeof(ifra.ifra_name)); 1394 1395 bcopy(&iflr->addr, &ifra.ifra_addr, 1396 ((struct sockaddr *)&iflr->addr)->sa_len); 1397 if (hostid) { 1398 /* fill in hostid part */ 1399 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1400 hostid->s6_addr32[2]; 1401 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1402 hostid->s6_addr32[3]; 1403 } 1404 1405 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /*XXX*/ 1406 bcopy(&iflr->dstaddr, &ifra.ifra_dstaddr, 1407 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1408 if (hostid) { 1409 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1410 hostid->s6_addr32[2]; 1411 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1412 hostid->s6_addr32[3]; 1413 } 1414 } 1415 1416 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1417 in6_len2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1418 1419 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1420 return in6_control(so, SIOCAIFADDR_IN6, (caddr_t)&ifra, ifp, td); 1421 } 1422 case SIOCGLIFADDR: 1423 case SIOCDLIFADDR: 1424 { 1425 struct in6_ifaddr *ia; 1426 struct in6_addr mask, candidate, match; 1427 struct sockaddr_in6 *sin6; 1428 int cmp; 1429 1430 bzero(&mask, sizeof(mask)); 1431 if (iflr->flags & IFLR_PREFIX) { 1432 /* lookup a prefix rather than address. */ 1433 in6_len2mask(&mask, iflr->prefixlen); 1434 1435 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1436 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1437 match.s6_addr32[0] &= mask.s6_addr32[0]; 1438 match.s6_addr32[1] &= mask.s6_addr32[1]; 1439 match.s6_addr32[2] &= mask.s6_addr32[2]; 1440 match.s6_addr32[3] &= mask.s6_addr32[3]; 1441 1442 /* if you set extra bits, that's wrong */ 1443 if (bcmp(&match, &sin6->sin6_addr, sizeof(match))) 1444 return EINVAL; 1445 1446 cmp = 1; 1447 } else { 1448 if (cmd == SIOCGLIFADDR) { 1449 /* on getting an address, take the 1st match */ 1450 cmp = 0; /* XXX */ 1451 } else { 1452 /* on deleting an address, do exact match */ 1453 in6_len2mask(&mask, 128); 1454 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1455 bcopy(&sin6->sin6_addr, &match, sizeof(match)); 1456 1457 cmp = 1; 1458 } 1459 } 1460 1461 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1462 { 1463 if (ifa->ifa_addr->sa_family != AF_INET6) 1464 continue; 1465 if (!cmp) 1466 break; 1467 1468 bcopy(IFA_IN6(ifa), &candidate, sizeof(candidate)); 1469 /* 1470 * XXX: this is adhoc, but is necessary to allow 1471 * a user to specify fe80::/64 (not /10) for a 1472 * link-local address. 1473 */ 1474 if (IN6_IS_ADDR_LINKLOCAL(&candidate)) 1475 candidate.s6_addr16[1] = 0; 1476 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1477 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1478 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1479 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1480 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1481 break; 1482 } 1483 if (!ifa) 1484 return EADDRNOTAVAIL; 1485 ia = ifa2ia6(ifa); 1486 1487 if (cmd == SIOCGLIFADDR) { 1488 struct sockaddr_in6 *s6; 1489 1490 /* fill in the if_laddrreq structure */ 1491 bcopy(&ia->ia_addr, &iflr->addr, ia->ia_addr.sin6_len); 1492 s6 = (struct sockaddr_in6 *)&iflr->addr; 1493 if (IN6_IS_ADDR_LINKLOCAL(&s6->sin6_addr)) { 1494 s6->sin6_addr.s6_addr16[1] = 0; 1495 s6->sin6_scope_id = 1496 in6_addr2scopeid(ifp, &s6->sin6_addr); 1497 } 1498 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1499 bcopy(&ia->ia_dstaddr, &iflr->dstaddr, 1500 ia->ia_dstaddr.sin6_len); 1501 s6 = (struct sockaddr_in6 *)&iflr->dstaddr; 1502 if (IN6_IS_ADDR_LINKLOCAL(&s6->sin6_addr)) { 1503 s6->sin6_addr.s6_addr16[1] = 0; 1504 s6->sin6_scope_id = 1505 in6_addr2scopeid(ifp, 1506 &s6->sin6_addr); 1507 } 1508 } else 1509 bzero(&iflr->dstaddr, sizeof(iflr->dstaddr)); 1510 1511 iflr->prefixlen = 1512 in6_mask2len(&ia->ia_prefixmask.sin6_addr, 1513 NULL); 1514 1515 iflr->flags = ia->ia6_flags; /* XXX */ 1516 1517 return 0; 1518 } else { 1519 struct in6_aliasreq ifra; 1520 1521 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1522 bzero(&ifra, sizeof(ifra)); 1523 bcopy(iflr->iflr_name, ifra.ifra_name, 1524 sizeof(ifra.ifra_name)); 1525 1526 bcopy(&ia->ia_addr, &ifra.ifra_addr, 1527 ia->ia_addr.sin6_len); 1528 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1529 bcopy(&ia->ia_dstaddr, &ifra.ifra_dstaddr, 1530 ia->ia_dstaddr.sin6_len); 1531 } else { 1532 bzero(&ifra.ifra_dstaddr, 1533 sizeof(ifra.ifra_dstaddr)); 1534 } 1535 bcopy(&ia->ia_prefixmask, &ifra.ifra_dstaddr, 1536 ia->ia_prefixmask.sin6_len); 1537 1538 ifra.ifra_flags = ia->ia6_flags; 1539 return in6_control(so, SIOCDIFADDR_IN6, (caddr_t)&ifra, 1540 ifp, td); 1541 } 1542 } 1543 } 1544 1545 return EOPNOTSUPP; /* just for safety */ 1546 } 1547 1548 /* 1549 * Initialize an interface's intetnet6 address 1550 * and routing table entry. 1551 */ 1552 static int 1553 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, struct sockaddr_in6 *sin6, 1554 int newhost) 1555 { 1556 int error = 0, plen, ifacount = 0; 1557 struct ifaddr *ifa; 1558 1559 lwkt_serialize_enter(ifp->if_serializer); 1560 1561 /* 1562 * Give the interface a chance to initialize 1563 * if this is its first address, 1564 * and to validate the address if necessary. 1565 */ 1566 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1567 { 1568 if (ifa->ifa_addr == NULL) 1569 continue; /* just for safety */ 1570 if (ifa->ifa_addr->sa_family != AF_INET6) 1571 continue; 1572 ifacount++; 1573 } 1574 1575 ia->ia_addr = *sin6; 1576 1577 if (ifacount <= 1 && ifp->if_ioctl && 1578 (error = ifp->if_ioctl(ifp, SIOCSIFADDR, (caddr_t)ia, 1579 (struct ucred *)NULL))) { 1580 lwkt_serialize_exit(ifp->if_serializer); 1581 return(error); 1582 } 1583 lwkt_serialize_exit(ifp->if_serializer); 1584 1585 ia->ia_ifa.ifa_metric = ifp->if_metric; 1586 1587 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1588 1589 /* 1590 * Special case: 1591 * If the destination address is specified for a point-to-point 1592 * interface, install a route to the destination as an interface 1593 * direct route. 1594 */ 1595 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1596 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1597 if ((error = rtinit(&(ia->ia_ifa), (int)RTM_ADD, 1598 RTF_UP | RTF_HOST)) != 0) 1599 return(error); 1600 ia->ia_flags |= IFA_ROUTE; 1601 } 1602 if (plen < 128) { 1603 /* 1604 * The RTF_CLONING flag is necessary for in6_is_ifloop_auto(). 1605 */ 1606 ia->ia_ifa.ifa_flags |= RTF_CLONING; 1607 } 1608 1609 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1610 if (newhost) { 1611 /* set the rtrequest function to create llinfo */ 1612 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1613 in6_ifaddloop(&(ia->ia_ifa)); 1614 } 1615 1616 return(error); 1617 } 1618 1619 /* 1620 * Add an address to the list of IP6 multicast addresses for a 1621 * given interface. 1622 */ 1623 struct in6_multi * 1624 in6_addmulti(struct in6_addr *maddr6, struct ifnet *ifp, int *errorp) 1625 { 1626 struct in6_multi *in6m; 1627 struct sockaddr_in6 sin6; 1628 struct ifmultiaddr *ifma; 1629 1630 *errorp = 0; 1631 1632 crit_enter(); 1633 1634 /* 1635 * Call generic routine to add membership or increment 1636 * refcount. It wants addresses in the form of a sockaddr, 1637 * so we build one here (being careful to zero the unused bytes). 1638 */ 1639 bzero(&sin6, sizeof sin6); 1640 sin6.sin6_family = AF_INET6; 1641 sin6.sin6_len = sizeof sin6; 1642 sin6.sin6_addr = *maddr6; 1643 *errorp = if_addmulti(ifp, (struct sockaddr *)&sin6, &ifma); 1644 if (*errorp) { 1645 crit_exit(); 1646 return 0; 1647 } 1648 1649 /* 1650 * If ifma->ifma_protospec is null, then if_addmulti() created 1651 * a new record. Otherwise, we are done. 1652 */ 1653 if (ifma->ifma_protospec != 0) { 1654 crit_exit(); 1655 return ifma->ifma_protospec; 1656 } 1657 1658 /* XXX - if_addmulti uses M_WAITOK. Can this really be called 1659 at interrupt time? If so, need to fix if_addmulti. XXX */ 1660 in6m = (struct in6_multi *)malloc(sizeof(*in6m), M_IPMADDR, M_NOWAIT); 1661 if (in6m == NULL) { 1662 crit_exit(); 1663 return (NULL); 1664 } 1665 1666 bzero(in6m, sizeof *in6m); 1667 in6m->in6m_addr = *maddr6; 1668 in6m->in6m_ifp = ifp; 1669 in6m->in6m_ifma = ifma; 1670 ifma->ifma_protospec = in6m; 1671 LIST_INSERT_HEAD(&in6_multihead, in6m, in6m_entry); 1672 1673 /* 1674 * Let MLD6 know that we have joined a new IP6 multicast 1675 * group. 1676 */ 1677 mld6_start_listening(in6m); 1678 crit_exit(); 1679 return(in6m); 1680 } 1681 1682 /* 1683 * Delete a multicast address record. 1684 */ 1685 void 1686 in6_delmulti(struct in6_multi *in6m) 1687 { 1688 struct ifmultiaddr *ifma = in6m->in6m_ifma; 1689 1690 crit_enter(); 1691 1692 if (ifma->ifma_refcount == 1) { 1693 /* 1694 * No remaining claims to this record; let MLD6 know 1695 * that we are leaving the multicast group. 1696 */ 1697 mld6_stop_listening(in6m); 1698 ifma->ifma_protospec = 0; 1699 LIST_REMOVE(in6m, in6m_entry); 1700 free(in6m, M_IPMADDR); 1701 } 1702 /* XXX - should be separate API for when we have an ifma? */ 1703 if_delmulti(ifma->ifma_ifp, ifma->ifma_addr); 1704 crit_exit(); 1705 } 1706 1707 /* 1708 * Find an IPv6 interface link-local address specific to an interface. 1709 */ 1710 struct in6_ifaddr * 1711 in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags) 1712 { 1713 struct ifaddr *ifa; 1714 1715 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1716 { 1717 if (ifa->ifa_addr == NULL) 1718 continue; /* just for safety */ 1719 if (ifa->ifa_addr->sa_family != AF_INET6) 1720 continue; 1721 if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) { 1722 if ((((struct in6_ifaddr *)ifa)->ia6_flags & 1723 ignoreflags) != 0) 1724 continue; 1725 break; 1726 } 1727 } 1728 1729 return((struct in6_ifaddr *)ifa); 1730 } 1731 1732 1733 /* 1734 * find the internet address corresponding to a given interface and address. 1735 */ 1736 struct in6_ifaddr * 1737 in6ifa_ifpwithaddr(struct ifnet *ifp, struct in6_addr *addr) 1738 { 1739 struct ifaddr *ifa; 1740 1741 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1742 { 1743 if (ifa->ifa_addr == NULL) 1744 continue; /* just for safety */ 1745 if (ifa->ifa_addr->sa_family != AF_INET6) 1746 continue; 1747 if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1748 break; 1749 } 1750 1751 return((struct in6_ifaddr *)ifa); 1752 } 1753 1754 /* 1755 * Convert IP6 address to printable (loggable) representation. 1756 */ 1757 static char digits[] = "0123456789abcdef"; 1758 static int ip6round = 0; 1759 char * 1760 ip6_sprintf(const struct in6_addr *addr) 1761 { 1762 static char ip6buf[8][48]; 1763 int i; 1764 char *cp; 1765 const u_short *a = (const u_short *)addr; 1766 const u_char *d; 1767 int dcolon = 0; 1768 1769 ip6round = (ip6round + 1) & 7; 1770 cp = ip6buf[ip6round]; 1771 1772 for (i = 0; i < 8; i++) { 1773 if (dcolon == 1) { 1774 if (*a == 0) { 1775 if (i == 7) 1776 *cp++ = ':'; 1777 a++; 1778 continue; 1779 } else 1780 dcolon = 2; 1781 } 1782 if (*a == 0) { 1783 if (dcolon == 0 && *(a + 1) == 0) { 1784 if (i == 0) 1785 *cp++ = ':'; 1786 *cp++ = ':'; 1787 dcolon = 1; 1788 } else { 1789 *cp++ = '0'; 1790 *cp++ = ':'; 1791 } 1792 a++; 1793 continue; 1794 } 1795 d = (const u_char *)a; 1796 *cp++ = digits[*d >> 4]; 1797 *cp++ = digits[*d++ & 0xf]; 1798 *cp++ = digits[*d >> 4]; 1799 *cp++ = digits[*d & 0xf]; 1800 *cp++ = ':'; 1801 a++; 1802 } 1803 *--cp = 0; 1804 return(ip6buf[ip6round]); 1805 } 1806 1807 int 1808 in6_localaddr(struct in6_addr *in6) 1809 { 1810 struct in6_ifaddr *ia; 1811 1812 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1813 return 1; 1814 1815 for (ia = in6_ifaddr; ia; ia = ia->ia_next) 1816 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1817 &ia->ia_prefixmask.sin6_addr)) 1818 return 1; 1819 1820 return (0); 1821 } 1822 1823 int 1824 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1825 { 1826 struct in6_ifaddr *ia; 1827 1828 for (ia = in6_ifaddr; ia; ia = ia->ia_next) { 1829 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1830 &sa6->sin6_addr) && 1831 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1832 return(1); /* true */ 1833 1834 /* XXX: do we still have to go thru the rest of the list? */ 1835 } 1836 1837 return(0); /* false */ 1838 } 1839 1840 /* 1841 * return length of part which dst and src are equal 1842 * hard coding... 1843 */ 1844 int 1845 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1846 { 1847 int match = 0; 1848 u_char *s = (u_char *)src, *d = (u_char *)dst; 1849 u_char *lim = s + 16, r; 1850 1851 while (s < lim) 1852 if ((r = (*d++ ^ *s++)) != 0) { 1853 while (r < 128) { 1854 match++; 1855 r <<= 1; 1856 } 1857 break; 1858 } else 1859 match += 8; 1860 return match; 1861 } 1862 1863 /* XXX: to be scope conscious */ 1864 int 1865 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1866 { 1867 int bytelen, bitlen; 1868 1869 /* sanity check */ 1870 if (0 > len || len > 128) { 1871 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1872 len); 1873 return(0); 1874 } 1875 1876 bytelen = len / 8; 1877 bitlen = len % 8; 1878 1879 if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1880 return(0); 1881 if (p1->s6_addr[bytelen] >> (8 - bitlen) != 1882 p2->s6_addr[bytelen] >> (8 - bitlen)) 1883 return(0); 1884 1885 return(1); 1886 } 1887 1888 void 1889 in6_prefixlen2mask(struct in6_addr *maskp, int len) 1890 { 1891 u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1892 int bytelen, bitlen, i; 1893 1894 /* sanity check */ 1895 if (0 > len || len > 128) { 1896 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1897 len); 1898 return; 1899 } 1900 1901 bzero(maskp, sizeof(*maskp)); 1902 bytelen = len / 8; 1903 bitlen = len % 8; 1904 for (i = 0; i < bytelen; i++) 1905 maskp->s6_addr[i] = 0xff; 1906 if (bitlen) 1907 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 1908 } 1909 1910 /* 1911 * return the best address out of the same scope 1912 */ 1913 struct in6_ifaddr * 1914 in6_ifawithscope(struct ifnet *oifp, struct in6_addr *dst) 1915 { 1916 int dst_scope = in6_addrscope(dst), src_scope, best_scope = 0; 1917 int blen = -1; 1918 struct ifaddr *ifa; 1919 struct ifnet *ifp; 1920 struct in6_ifaddr *ifa_best = NULL; 1921 1922 if (oifp == NULL) { 1923 #if 0 1924 printf("in6_ifawithscope: output interface is not specified\n"); 1925 #endif 1926 return(NULL); 1927 } 1928 1929 /* 1930 * We search for all addresses on all interfaces from the beginning. 1931 * Comparing an interface with the outgoing interface will be done 1932 * only at the final stage of tiebreaking. 1933 */ 1934 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 1935 { 1936 /* 1937 * We can never take an address that breaks the scope zone 1938 * of the destination. 1939 */ 1940 if (in6_addr2scopeid(ifp, dst) != in6_addr2scopeid(oifp, dst)) 1941 continue; 1942 1943 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 1944 { 1945 int tlen = -1, dscopecmp, bscopecmp, matchcmp; 1946 1947 if (ifa->ifa_addr->sa_family != AF_INET6) 1948 continue; 1949 1950 src_scope = in6_addrscope(IFA_IN6(ifa)); 1951 1952 /* 1953 * Don't use an address before completing DAD 1954 * nor a duplicated address. 1955 */ 1956 if (((struct in6_ifaddr *)ifa)->ia6_flags & 1957 IN6_IFF_NOTREADY) 1958 continue; 1959 1960 /* XXX: is there any case to allow anycasts? */ 1961 if (((struct in6_ifaddr *)ifa)->ia6_flags & 1962 IN6_IFF_ANYCAST) 1963 continue; 1964 1965 if (((struct in6_ifaddr *)ifa)->ia6_flags & 1966 IN6_IFF_DETACHED) 1967 continue; 1968 1969 /* 1970 * If this is the first address we find, 1971 * keep it anyway. 1972 */ 1973 if (ifa_best == NULL) 1974 goto replace; 1975 1976 /* 1977 * ifa_best is never NULL beyond this line except 1978 * within the block labeled "replace". 1979 */ 1980 1981 /* 1982 * If ifa_best has a smaller scope than dst and 1983 * the current address has a larger one than 1984 * (or equal to) dst, always replace ifa_best. 1985 * Also, if the current address has a smaller scope 1986 * than dst, ignore it unless ifa_best also has a 1987 * smaller scope. 1988 * Consequently, after the two if-clause below, 1989 * the followings must be satisfied: 1990 * (scope(src) < scope(dst) && 1991 * scope(best) < scope(dst)) 1992 * OR 1993 * (scope(best) >= scope(dst) && 1994 * scope(src) >= scope(dst)) 1995 */ 1996 if (IN6_ARE_SCOPE_CMP(best_scope, dst_scope) < 0 && 1997 IN6_ARE_SCOPE_CMP(src_scope, dst_scope) >= 0) 1998 goto replace; /* (A) */ 1999 if (IN6_ARE_SCOPE_CMP(src_scope, dst_scope) < 0 && 2000 IN6_ARE_SCOPE_CMP(best_scope, dst_scope) >= 0) 2001 continue; /* (B) */ 2002 2003 /* 2004 * A deprecated address SHOULD NOT be used in new 2005 * communications if an alternate (non-deprecated) 2006 * address is available and has sufficient scope. 2007 * RFC 2462, Section 5.5.4. 2008 */ 2009 if (((struct in6_ifaddr *)ifa)->ia6_flags & 2010 IN6_IFF_DEPRECATED) { 2011 /* 2012 * Ignore any deprecated addresses if 2013 * specified by configuration. 2014 */ 2015 if (!ip6_use_deprecated) 2016 continue; 2017 2018 /* 2019 * If we have already found a non-deprecated 2020 * candidate, just ignore deprecated addresses. 2021 */ 2022 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) 2023 == 0) 2024 continue; 2025 } 2026 2027 /* 2028 * A non-deprecated address is always preferred 2029 * to a deprecated one regardless of scopes and 2030 * address matching (Note invariants ensured by the 2031 * conditions (A) and (B) above.) 2032 */ 2033 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) && 2034 (((struct in6_ifaddr *)ifa)->ia6_flags & 2035 IN6_IFF_DEPRECATED) == 0) 2036 goto replace; 2037 2038 /* 2039 * When we use temporary addresses described in 2040 * RFC 3041, we prefer temporary addresses to 2041 * public autoconf addresses. Again, note the 2042 * invariants from (A) and (B). Also note that we 2043 * don't have any preference between static addresses 2044 * and autoconf addresses (despite of whether or not 2045 * the latter is temporary or public.) 2046 */ 2047 if (ip6_use_tempaddr) { 2048 struct in6_ifaddr *ifat; 2049 2050 ifat = (struct in6_ifaddr *)ifa; 2051 if ((ifa_best->ia6_flags & 2052 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2053 == IN6_IFF_AUTOCONF && 2054 (ifat->ia6_flags & 2055 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2056 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) { 2057 goto replace; 2058 } 2059 if ((ifa_best->ia6_flags & 2060 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2061 == (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY) && 2062 (ifat->ia6_flags & 2063 (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY)) 2064 == IN6_IFF_AUTOCONF) { 2065 continue; 2066 } 2067 } 2068 2069 /* 2070 * At this point, we have two cases: 2071 * 1. we are looking at a non-deprecated address, 2072 * and ifa_best is also non-deprecated. 2073 * 2. we are looking at a deprecated address, 2074 * and ifa_best is also deprecated. 2075 * Also, we do not have to consider a case where 2076 * the scope of if_best is larger(smaller) than dst and 2077 * the scope of the current address is smaller(larger) 2078 * than dst. Such a case has already been covered. 2079 * Tiebreaking is done according to the following 2080 * items: 2081 * - the scope comparison between the address and 2082 * dst (dscopecmp) 2083 * - the scope comparison between the address and 2084 * ifa_best (bscopecmp) 2085 * - if the address match dst longer than ifa_best 2086 * (matchcmp) 2087 * - if the address is on the outgoing I/F (outI/F) 2088 * 2089 * Roughly speaking, the selection policy is 2090 * - the most important item is scope. The same scope 2091 * is best. Then search for a larger scope. 2092 * Smaller scopes are the last resort. 2093 * - A deprecated address is chosen only when we have 2094 * no address that has an enough scope, but is 2095 * prefered to any addresses of smaller scopes 2096 * (this must be already done above.) 2097 * - addresses on the outgoing I/F are preferred to 2098 * ones on other interfaces if none of above 2099 * tiebreaks. In the table below, the column "bI" 2100 * means if the best_ifa is on the outgoing 2101 * interface, and the column "sI" means if the ifa 2102 * is on the outgoing interface. 2103 * - If there is no other reasons to choose one, 2104 * longest address match against dst is considered. 2105 * 2106 * The precise decision table is as follows: 2107 * dscopecmp bscopecmp match bI oI | replace? 2108 * N/A equal N/A Y N | No (1) 2109 * N/A equal N/A N Y | Yes (2) 2110 * N/A equal larger N/A | Yes (3) 2111 * N/A equal !larger N/A | No (4) 2112 * larger larger N/A N/A | No (5) 2113 * larger smaller N/A N/A | Yes (6) 2114 * smaller larger N/A N/A | Yes (7) 2115 * smaller smaller N/A N/A | No (8) 2116 * equal smaller N/A N/A | Yes (9) 2117 * equal larger (already done at A above) 2118 */ 2119 dscopecmp = IN6_ARE_SCOPE_CMP(src_scope, dst_scope); 2120 bscopecmp = IN6_ARE_SCOPE_CMP(src_scope, best_scope); 2121 2122 if (bscopecmp == 0) { 2123 struct ifnet *bifp = ifa_best->ia_ifp; 2124 2125 if (bifp == oifp && ifp != oifp) /* (1) */ 2126 continue; 2127 if (bifp != oifp && ifp == oifp) /* (2) */ 2128 goto replace; 2129 2130 /* 2131 * Both bifp and ifp are on the outgoing 2132 * interface, or both two are on a different 2133 * interface from the outgoing I/F. 2134 * now we need address matching against dst 2135 * for tiebreaking. 2136 */ 2137 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2138 matchcmp = tlen - blen; 2139 if (matchcmp > 0) /* (3) */ 2140 goto replace; 2141 continue; /* (4) */ 2142 } 2143 if (dscopecmp > 0) { 2144 if (bscopecmp > 0) /* (5) */ 2145 continue; 2146 goto replace; /* (6) */ 2147 } 2148 if (dscopecmp < 0) { 2149 if (bscopecmp > 0) /* (7) */ 2150 goto replace; 2151 continue; /* (8) */ 2152 } 2153 2154 /* now dscopecmp must be 0 */ 2155 if (bscopecmp < 0) 2156 goto replace; /* (9) */ 2157 2158 replace: 2159 ifa_best = (struct in6_ifaddr *)ifa; 2160 blen = tlen >= 0 ? tlen : 2161 in6_matchlen(IFA_IN6(ifa), dst); 2162 best_scope = in6_addrscope(&ifa_best->ia_addr.sin6_addr); 2163 } 2164 } 2165 2166 /* count statistics for future improvements */ 2167 if (ifa_best == NULL) 2168 ip6stat.ip6s_sources_none++; 2169 else { 2170 if (oifp == ifa_best->ia_ifp) 2171 ip6stat.ip6s_sources_sameif[best_scope]++; 2172 else 2173 ip6stat.ip6s_sources_otherif[best_scope]++; 2174 2175 if (best_scope == dst_scope) 2176 ip6stat.ip6s_sources_samescope[best_scope]++; 2177 else 2178 ip6stat.ip6s_sources_otherscope[best_scope]++; 2179 2180 if ((ifa_best->ia6_flags & IN6_IFF_DEPRECATED) != 0) 2181 ip6stat.ip6s_sources_deprecated[best_scope]++; 2182 } 2183 2184 return(ifa_best); 2185 } 2186 2187 /* 2188 * return the best address out of the same scope. if no address was 2189 * found, return the first valid address from designated IF. 2190 */ 2191 struct in6_ifaddr * 2192 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 2193 { 2194 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 2195 struct ifaddr *ifa; 2196 struct in6_ifaddr *besta = 0; 2197 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 2198 2199 dep[0] = dep[1] = NULL; 2200 2201 /* 2202 * We first look for addresses in the same scope. 2203 * If there is one, return it. 2204 * If two or more, return one which matches the dst longest. 2205 * If none, return one of global addresses assigned other ifs. 2206 */ 2207 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 2208 { 2209 if (ifa->ifa_addr->sa_family != AF_INET6) 2210 continue; 2211 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2212 continue; /* XXX: is there any case to allow anycast? */ 2213 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2214 continue; /* don't use this interface */ 2215 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2216 continue; 2217 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2218 if (ip6_use_deprecated) 2219 dep[0] = (struct in6_ifaddr *)ifa; 2220 continue; 2221 } 2222 2223 if (dst_scope == in6_addrscope(IFA_IN6(ifa))) { 2224 /* 2225 * call in6_matchlen() as few as possible 2226 */ 2227 if (besta) { 2228 if (blen == -1) 2229 blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst); 2230 tlen = in6_matchlen(IFA_IN6(ifa), dst); 2231 if (tlen > blen) { 2232 blen = tlen; 2233 besta = (struct in6_ifaddr *)ifa; 2234 } 2235 } else 2236 besta = (struct in6_ifaddr *)ifa; 2237 } 2238 } 2239 if (besta) 2240 return(besta); 2241 2242 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 2243 { 2244 if (ifa->ifa_addr->sa_family != AF_INET6) 2245 continue; 2246 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST) 2247 continue; /* XXX: is there any case to allow anycast? */ 2248 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY) 2249 continue; /* don't use this interface */ 2250 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED) 2251 continue; 2252 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) { 2253 if (ip6_use_deprecated) 2254 dep[1] = (struct in6_ifaddr *)ifa; 2255 continue; 2256 } 2257 2258 return (struct in6_ifaddr *)ifa; 2259 } 2260 2261 /* use the last-resort values, that are, deprecated addresses */ 2262 if (dep[0]) 2263 return dep[0]; 2264 if (dep[1]) 2265 return dep[1]; 2266 2267 return NULL; 2268 } 2269 2270 /* 2271 * perform DAD when interface becomes IFF_UP. 2272 */ 2273 void 2274 in6_if_up(struct ifnet *ifp) 2275 { 2276 struct ifaddr *ifa; 2277 struct in6_ifaddr *ia; 2278 int dad_delay; /* delay ticks before DAD output */ 2279 2280 /* 2281 * special cases, like 6to4, are handled in in6_ifattach 2282 */ 2283 in6_ifattach(ifp, NULL); 2284 2285 dad_delay = 0; 2286 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) 2287 { 2288 if (ifa->ifa_addr->sa_family != AF_INET6) 2289 continue; 2290 ia = (struct in6_ifaddr *)ifa; 2291 if (ia->ia6_flags & IN6_IFF_TENTATIVE) 2292 nd6_dad_start(ifa, &dad_delay); 2293 } 2294 } 2295 2296 int 2297 in6if_do_dad(struct ifnet *ifp) 2298 { 2299 if ((ifp->if_flags & IFF_LOOPBACK) != 0) 2300 return(0); 2301 2302 switch (ifp->if_type) { 2303 #ifdef IFT_DUMMY 2304 case IFT_DUMMY: 2305 #endif 2306 case IFT_FAITH: 2307 /* 2308 * These interfaces do not have the IFF_LOOPBACK flag, 2309 * but loop packets back. We do not have to do DAD on such 2310 * interfaces. We should even omit it, because loop-backed 2311 * NS would confuse the DAD procedure. 2312 */ 2313 return(0); 2314 default: 2315 /* 2316 * Our DAD routine requires the interface up and running. 2317 * However, some interfaces can be up before the RUNNING 2318 * status. Additionaly, users may try to assign addresses 2319 * before the interface becomes up (or running). 2320 * We simply skip DAD in such a case as a work around. 2321 * XXX: we should rather mark "tentative" on such addresses, 2322 * and do DAD after the interface becomes ready. 2323 */ 2324 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != 2325 (IFF_UP|IFF_RUNNING)) 2326 return(0); 2327 2328 return(1); 2329 } 2330 } 2331 2332 /* 2333 * Calculate max IPv6 MTU through all the interfaces and store it 2334 * to in6_maxmtu. 2335 */ 2336 void 2337 in6_setmaxmtu(void) 2338 { 2339 unsigned long maxmtu = 0; 2340 struct ifnet *ifp; 2341 2342 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) 2343 { 2344 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2345 ND_IFINFO(ifp)->linkmtu > maxmtu) 2346 maxmtu = ND_IFINFO(ifp)->linkmtu; 2347 } 2348 if (maxmtu) /* update only when maxmtu is positive */ 2349 in6_maxmtu = maxmtu; 2350 } 2351 2352 void * 2353 in6_domifattach(struct ifnet *ifp) 2354 { 2355 struct in6_ifextra *ext; 2356 2357 ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK); 2358 bzero(ext, sizeof(*ext)); 2359 2360 ext->in6_ifstat = (struct in6_ifstat *)malloc(sizeof(struct in6_ifstat), 2361 M_IFADDR, M_WAITOK); 2362 bzero(ext->in6_ifstat, sizeof(*ext->in6_ifstat)); 2363 2364 ext->icmp6_ifstat = 2365 (struct icmp6_ifstat *)malloc(sizeof(struct icmp6_ifstat), 2366 M_IFADDR, M_WAITOK); 2367 bzero(ext->icmp6_ifstat, sizeof(*ext->icmp6_ifstat)); 2368 2369 ext->nd_ifinfo = nd6_ifattach(ifp); 2370 ext->scope6_id = scope6_ifattach(ifp); 2371 return ext; 2372 } 2373 2374 void 2375 in6_domifdetach(struct ifnet *ifp, void *aux) 2376 { 2377 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2378 scope6_ifdetach(ext->scope6_id); 2379 nd6_ifdetach(ext->nd_ifinfo); 2380 free(ext->in6_ifstat, M_IFADDR); 2381 free(ext->icmp6_ifstat, M_IFADDR); 2382 free(ext, M_IFADDR); 2383 } 2384 2385 /* 2386 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2387 * v4 mapped addr or v4 compat addr 2388 */ 2389 void 2390 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2391 { 2392 bzero(sin, sizeof(*sin)); 2393 sin->sin_len = sizeof(struct sockaddr_in); 2394 sin->sin_family = AF_INET; 2395 sin->sin_port = sin6->sin6_port; 2396 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2397 } 2398 2399 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2400 void 2401 in6_sin_2_v4mapsin6(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2402 { 2403 bzero(sin6, sizeof(*sin6)); 2404 sin6->sin6_len = sizeof(struct sockaddr_in6); 2405 sin6->sin6_family = AF_INET6; 2406 sin6->sin6_port = sin->sin_port; 2407 sin6->sin6_addr.s6_addr32[0] = 0; 2408 sin6->sin6_addr.s6_addr32[1] = 0; 2409 sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2410 sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr; 2411 } 2412 2413 /* Convert sockaddr_in6 into sockaddr_in. */ 2414 void 2415 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2416 { 2417 struct sockaddr_in *sin_p; 2418 struct sockaddr_in6 sin6; 2419 2420 /* 2421 * Save original sockaddr_in6 addr and convert it 2422 * to sockaddr_in. 2423 */ 2424 sin6 = *(struct sockaddr_in6 *)nam; 2425 sin_p = (struct sockaddr_in *)nam; 2426 in6_sin6_2_sin(sin_p, &sin6); 2427 } 2428 2429 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2430 void 2431 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2432 { 2433 struct sockaddr_in *sin_p; 2434 struct sockaddr_in6 *sin6_p; 2435 2436 MALLOC(sin6_p, struct sockaddr_in6 *, sizeof *sin6_p, M_SONAME, 2437 M_WAITOK); 2438 sin_p = (struct sockaddr_in *)*nam; 2439 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2440 FREE(*nam, M_SONAME); 2441 *nam = (struct sockaddr *)sin6_p; 2442 } 2443